public async Task <ActionResult> Login(string login, string password, bool createPersistentCookie) { //var userName = "******"; //var password = "******"; //var createPersistentCookie = true; var token = ""; BaseAuthModel restResult = BaseRestClient <GetUserInformationModel> .Authorizatize("http://localhost:5117/auth", login, password); if (restResult != null) { token = restResult.Token; if (!token.IsNullOrWhiteSpace()) { FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, //version login, // user name DateTime.Now, //creation DateTime.Now.AddMinutes(30), //Expiration (you can set it to 1 month true, //Persistent null); // additional informations var encryptedCookie = FormsAuthentication.Encrypt(authTicket); var authCookie = new HttpCookie("AdventureWorksUser", encryptedCookie); if (createPersistentCookie) { authCookie.Expires = authTicket.Expiration; } authCookie.HttpOnly = true; authCookie.Path = FormsAuthentication.FormsCookiePath; authCookie["UserName"] = login; authCookie["Token"] = token; authCookie["Claims"] = string.Join(",", restResult.Claims.ToArray()); HttpContext.Response.Cookies.Remove("AdventureWorksUser"); HttpContext.Response.SetCookie(authCookie); FormsAuthentication.SetAuthCookie(login, createPersistentCookie); return(RedirectToAction("Index", "Home")); } } return(View()); }